package com.fanbuchi.app.ins.api;

import com.fanbuchi.app.ins.vo.auth.Auth;
import com.fanbuchi.app.ins.vo.auth.Introspect;

import retrofit.http.Field;
import retrofit.http.FormUrlEncoded;
import retrofit.http.POST;
import rx.Observable;

/**
 * Created by rabbit on 2016/3/21.
 */
public interface AuthAPI {

    /**
     * @title   Grant Types  PASSWORD
     * curl --compressed -v localhost:8080/v1/oauth/tokens
     * -u test_client_3:test_secre \
     * -d "grant_type=password" \
     * -d "username=admin@qq.com" \
     * -d "password=qw123" \
     * -d "scope=read_write"
     * @param userName 用户名
     * @param password
     * @param grant_type {@link com.fanbuchi.app.ins.vo.enums.GrantType#password}
     * @param scope {@link com.fanbuchi.app.ins.vo.enums.Scope}
     * @return {
                "user_id": 1,
                "access_token": "00ccd40e-72ca-4e79-a4b6-67c95e2e3f1c",
                "expires_in": 3600,
                "token_type": "Bearer",
                "scope": "read_write",
                "refresh_token": "6fd8d272-375a-4d8a-8d0f-43367dc8b791"
                }
     */
    @FormUrlEncoded
    @POST("/v1/oauth/tokens")
    Observable<Auth> oauth(@Field("username") String userName
                    , @Field("password") String password
                    , @Field("grant_type") String grant_type
                    , @Field("scope") String scope
            );

    /**
     * @title Grant Types  Authorization Code
     * curl --compressed -v localhost:8080/v1/oauth/tokens \
        -u test_client_1:test_secret \
        -d "grant_type=authorization_code" \
        -d "code=7afb1c55-76e4-4c76-adb7-9d657cb47a27" \
        -d "redirect_uri=https://www.example.com"
     * @param code 授权码
     * @param grant_type {@link com.fanbuchi.app.ins.vo.enums.GrantType#authorization_code}
     * @param redirect_uri 重定向url
     * @return {
                "user_id": 1,
                "access_token": "00ccd40e-72ca-4e79-a4b6-67c95e2e3f1c",
                "expires_in": 3600,
                "token_type": "Bearer",
                "scope": "read_write",
                "refresh_token": "6fd8d272-375a-4d8a-8d0f-43367dc8b791"
                }
     */
    @FormUrlEncoded
    @POST("/v1/oauth/tokens")
    Observable<Auth> oauth(@Field("code") String code
            , @Field("grant_type") String grant_type
            , @Field("redirect_uri") String redirect_uri
    );


    /**
     * @title grant_type client_credentials
     *  curl --compressed -v localhost:8080/v1/oauth/tokens \
        -u test_client_1:test_secret \
        -d "grant_type=client_credentials" \
        -d "scope=read_write"
     * @param grant_type {@link com.fanbuchi.app.ins.vo.enums.GrantType#client_credentials}
     * @param scope  read_write | read
     * @return {
                "user_id": 1,
                "access_token": "1f962bd5-7890-435d-b619-584b6aa32e6c",
                "expires_in": 3600,
                "token_type": "Bearer",
                "scope": "read_write",
                "refresh_token": "3a6b45b8-9d29-4cba-8a1b-0093e8a2b933"
                }
     */
    @FormUrlEncoded
    @POST("/v1/oauth/tokens")
    Observable<Auth> oauth(@Field("grant_type") String grant_type
            , @Field("scope") String scope
    );

    /**
     * @title curl --compressed -v localhost:8080/v1/oauth/tokens \
    -u test_client_1:test_secret \
    -d "grant_type=refresh_token" \
    -d "refresh_token=6fd8d272-375a-4d8a-8d0f-43367dc8b791"
     * @param grant_type {@link com.fanbuchi.app.ins.vo.enums.GrantType#refresh_token}
     * @param refresh_token
     * @return {
                "user_id": 1,
                "access_token": "1f962bd5-7890-435d-b619-584b6aa32e6c",
                "expires_in": 3600,
                "token_type": "Bearer",
                "scope": "read_write",
                "refresh_token": "3a6b45b8-9d29-4cba-8a1b-0093e8a2b933"
                }
     */
    @FormUrlEncoded
    @POST("/v1/oauth/tokens")
    Observable<Auth> refreshToken(@Field("grant_type") String grant_type
            , @Field("refresh_token") String refresh_token
    );


    /**
     * @title  introspect
     * curl --compressed -v localhost:8080/v1/oauth/introspect \
        -u test_client_1:test_secret \
        -d "token=00ccd40e-72ca-4e79-a4b6-67c95e2e3f1c" \
        -d "token_type_hint=access_token"
     * @param token  00ccd40e-72ca-4e79-a4b6-67c95e2e3f1c
     * @param tokenTypeHint value#access_token
     * @return {
                "user_id": 1,
                "access_token": "00ccd40e-72ca-4e79-a4b6-67c95e2e3f1c",
                "expires_in": 3600,
                "token_type": "Bearer",
                "scope": "read_write",
                "refresh_token": "6fd8d272-375a-4d8a-8d0f-43367dc8b791"
                }
     */
    @FormUrlEncoded
    @POST("/v1/oauth/introspect")
    Observable<Introspect> introspect(@Field("token_type_hint") String tokenTypeHint
               ,@Field("token") String token
    );

}
